Cerb - system firewall mechanism.
It's a kernel module, which is a complete security solution for FreeBSD.

Features.

• Fine graind supervision of selected system calls and their arguments.
• Possibility of system call arguments and return value change
• Nearly arbitratry process properties' modification
• Free runtime sysctl modification
• Precise and configurable logging
• Intuitive, flexible and powerful rule description language

• noexec-by-group.cb
• noexec-by-dir.cb
• degrade-unknown-sugids.cb
• restricted-debug.cb
• restricted-link.cb
• log-exec.cb
• ping.cb
• screen.cb
• passwd.cb
• openssh.cb
• addons.cbh
• main.cb

For more information see Cerb Documentation:

• CerbNG Installation Guide
• CerbNG Configuration Language Reference
• Rough Guide to CerbNG

• Download
• Mailing list archive
• Project info (SourceForge)

hosted by: